#关闭nf_conntrack
echo -e "install nf_conntrack /bin/false\nblacklist nf_conntrack\nblacklist nf_conntrack_ipv6\nblacklist xt_conntrack\nblacklist nf_conntrack_ftp\nblacklist xt_state\n
blacklist iptable_nat\nblacklist ipt_REDIRECT\nblacklist nf_nat\nblacklist nf_conntrack_ipv4" > /etc/modprobe.d/blacklist.conf

#禁用selinux
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux
setenforce 0